An exemption from the Data Protection Act that allows personal data to be processed without subjects' permission for the prevention or detection of crime will allow messaging system operators to hand over logs of activity, said Kathryn Wynn of Pinsent Masons, the law firm behind OUT-LAW.COM.
Groups of people have been involved in running battles with police in London since Saturday, setting fire to vehicles and buildings, vandalising property and looting businesses. The riots began after a policeman shot dead London resident Mark Duggan on Thursday.
Research In Motion (RIM), the makers of Blackberry mobile devices, has said it has "engaged with authorities" that are involved in tackling the riots. Messages posted through the social network Blackberry Messenger are thought to have helped organise some of the riots.
RIM said it complies with UK interception of communications laws and is co-operating with the police, but it has not precisely detailed what help it is providing in practice.
The Regulation of Investigatory Powers Act (RIPA) provides that the interception of communications is unlawful in most cases. However, the Act states that law enforcement agencies, including the police and MI5, can force telecoms companies to hand over customers' details in order to tap phone, internet or email communications to protect the UK's national security interests, prevent and detect terrorism and serious crime or to safeguard the UK's economic well-being.
Only "designated" officials at law enforcement bodies can authorise those interceptions of communications.
UK data protection laws make it unlawful for organisations to process personal data – information that can lead to identifying someone – without those people's consent. It is also unlawful to process the data without having legitimate grounds for collecting and using it, using it in a way that will adversely affect individuals.
The Data Protetion Act contains an exemption which states that personal data can be processed for the purposes of the prevention or detection of crime without having to inform individuals if informing the individuals would jeopardise the ability to prevent or detect crime.
RIM can legitimately intercept messages or process them after they have been sent said Wynn, a data protection laws expert with Pinsent Masons.
"Neither RIPA (re interception of emails) nor the Data Protection Act (disclosure of emails and user names to the police) will stand in the way of RIM co-operating with the police because the interception or disclosure is for the purposes of the prevention or detection of crime," Wynn said.
"However, from a data protection laws perspective, RIM will need to ensure that the disclosure is proportional for the purposes," she said. "Therefore, if possible and in the light of the urgency of the situation, the company should avoid disclosing the messages or details of obviously innocent users. RIM should also ensure that any disclosures are made using secure media,” Wynn said.
Blackberry Messenger is a free service that allows users to send private messages to one another. Those messages are encrypted when they are sent, and RIM has previously said that it is unable to unscramble the contents, according to the Guardian newspaper.
Technology law news is also available from Bootlaw, a free resource for technology start-ups, with regular events hosted by Pinsent Masons.